I' ve problem installing VS-NAT system for 3 weeks, and I wasn't able to locate the solution of my problem.
The problem:
I have a one real server system, and I defined a httpd service and a telnet service for the LVS. If I want to connect to the realserver from the director everything is OK. But If I try to connect to the LVS from a client it stuck. It just saying Try IP ... .
I will write down the system what I tried to create:
The director is running on an already created network namely 192.168.70.0/24. It has two Intel Ether Express Pro Ethernet Card. The VIP is the eth1 and it's 192.168.70.15. The DIP is the eth0 and it's IP number is: 10.0.0.1. The eth1 is connected to our LAN but the eth0 is connected to a separated HUB. In this HUB there is another connection from the Realserver No.1. which has only one ethernet card with the IP : 10.0.0.2. So the real server(s) can only see the Director and the other real servers If I can get some computer.
Now the director is runing a RedHat 7, but for the LVS I downloaded a 2.2.18 kernel for the test. I patched it with the LVS version 1.02 and I followed the Readme so I only selected those options which it said. ( of corse I also selected ext2fs and such other stuffs :) ). The sheduler algorithms wasn't translated in to the kernel. I select to translate them to modules. OK. kerlen translation then ipvsadm translation.
After that I created a script which rebulid the rules for the lvs. The script does the folowing:
ipvsadm -C
ipvsadm -A -t 192.168.70.15:80 -s rr
ipvsadm -A -t 192.168.70.15:telnet -s rr
ipvsadm -a -t 192.168.70.15:80 -r 10.0.0.2:80 -m -w 1
ipvsadm -a -t 192.168.70.15:telnet -r 10.0.0.2:telnet -m -w 1
ipchains -F
ipchains -X
ipchains -A forward -j MASQ -s 10.0.0.0/8 -d 0.0.0.0/0
The routing table says that
10.0.0.0 mask 255.0.0.0 is eth0
192.168.70.0 mask 255.255.255.0 eth1
I tried to locate the problem with tcpdump and whatched the packages journey from the client to the realserver.
It said that the client (IP 192.168.70.13) asked a http connection on eth1 to 192.168.70.15.
Than on eth0 I see that 192.168.70.13 asked http connection to 10.0.0.2.
And that's it. The 10.0.0.2 didn't want to anserw it.
I hope you see the problem here and you could give me some advise.
The problem:
I have a one real server system, and I defined a httpd service and a telnet service for the LVS. If I want to connect to the realserver from the director everything is OK. But If I try to connect to the LVS from a client it stuck. It just saying Try IP ... .
I will write down the system what I tried to create:
The director is running on an already created network namely 192.168.70.0/24. It has two Intel Ether Express Pro Ethernet Card. The VIP is the eth1 and it's 192.168.70.15. The DIP is the eth0 and it's IP number is: 10.0.0.1. The eth1 is connected to our LAN but the eth0 is connected to a separated HUB. In this HUB there is another connection from the Realserver No.1. which has only one ethernet card with the IP : 10.0.0.2. So the real server(s) can only see the Director and the other real servers If I can get some computer.
Now the director is runing a RedHat 7, but for the LVS I downloaded a 2.2.18 kernel for the test. I patched it with the LVS version 1.02 and I followed the Readme so I only selected those options which it said. ( of corse I also selected ext2fs and such other stuffs :) ). The sheduler algorithms wasn't translated in to the kernel. I select to translate them to modules. OK. kerlen translation then ipvsadm translation.
After that I created a script which rebulid the rules for the lvs. The script does the folowing:
ipvsadm -C
ipvsadm -A -t 192.168.70.15:80 -s rr
ipvsadm -A -t 192.168.70.15:telnet -s rr
ipvsadm -a -t 192.168.70.15:80 -r 10.0.0.2:80 -m -w 1
ipvsadm -a -t 192.168.70.15:telnet -r 10.0.0.2:telnet -m -w 1
ipchains -F
ipchains -X
ipchains -A forward -j MASQ -s 10.0.0.0/8 -d 0.0.0.0/0
The routing table says that
10.0.0.0 mask 255.0.0.0 is eth0
192.168.70.0 mask 255.255.255.0 eth1
I tried to locate the problem with tcpdump and whatched the packages journey from the client to the realserver.
It said that the client (IP 192.168.70.13) asked a http connection on eth1 to 192.168.70.15.
Than on eth0 I see that 192.168.70.13 asked http connection to 10.0.0.2.
And that's it. The 10.0.0.2 didn't want to anserw it.
I hope you see the problem here and you could give me some advise.